Wireless access points may provide users of internet-enabled devices with efficient and/or widespread access to wired network connections. To facilitate efficient connections to wireless access points, many computing devices may remember the configuration details of a wireless access point after connecting to the wireless access point for the first time. When re-entering the range of the wireless access point, a computing device may request access to the wireless access point and quickly re-connect.
When initially establishing a connection to a wireless access point, a computing device may store information that identifies the wireless access point and/or the network to which the wireless access point provides access. In particular, the computing device may store the Service Set IDentifier (SSID), the Basic Service Set IDentifier (BSSID), or Media Access control (MAC) address of the wireless access point. The computing device may later use this information to attempt to re-connect to the (now known) wireless access point. For example, when not connected to the known wireless access point, the computing device may be configured to automatically and periodically (e.g., every half second, every minute, etc.) transmit a request to connect to the known wireless access point. Specifically, when not connected to the known wireless access point, the computing device may repeatedly transmit probe requests (via an 802.11 protocol) that contain the SSID or BSSID of the known wireless access point. If the known wireless access point receives a probe request directed to it, the wireless access point may respond with a probe response that contains the SSID or BSSID of the known wireless access point. When the computing device receives a probe response from the known wireless access point, the computing device may attempt to re-connect to the known wireless access point.
Unfortunately, traditional technologies for connecting computing devices to wireless access points may have certain security deficiencies that may leave the computing devices vulnerable to various link-layer wireless attacks. For example, conventional network security systems may fail to provide any reliable and/or trusted techniques for computing devices to verify the legitimacy and/or identity of wireless access points. As a result, an attacker may configure a malicious device (e.g., a so-called WIFI PINEAPPLE) to mimic or spoof a wireless access point known to a computing device. For example, the attacker may configure the malicious device to respond to a computing device's probe requests as if the malicious device was a wireless access point known to the computing device. Since the malicious device acts like a known wireless access point, the computing device may connect to the malicious device as if it was the known wireless access point. After the computing device connects to the malicious device, the attacker may view all network traffic sent to and from the computing device. Some computing devices may be capable of detecting link-layer wireless attacks, however, some computing devices (e.g., mobile devices with restricted operating systems) may be less capable or unable to do so. The instant disclosure, therefore, identifies and addresses a need for systems and methods for disseminating location-based reputations for link-layer wireless attacks.